package cn.com.cis.utils.security;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;

public class CustomCredentialsMatcher extends SimpleCredentialsMatcher {
	
	public boolean doCredentialsMatch(AuthenticationToken authcToken, AuthenticationInfo info) {
		UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
		char[] needValidPassword = token.getPassword();         // password user input to valid
		
		SimpleAuthenticationInfo simpleAuthInfo = (SimpleAuthenticationInfo) info;
		String correctHash = simpleAuthInfo.getCredentials().toString();    // hash store in database
		  
        return PasswordHash.validatePassword(needValidPassword, correctHash);
    }
	
}
